blue screen: DRIVER_IRQL_NOT_LESS_OR_EQUAL

I had a virus or malware that would cause internet explorer to go to webpages other than the ones I clicked on. I ran OTL (will post log), but when I tried to run ASWMBR, I would get the blue screen saying "A problem has been detected and windows has been shut down to prevent damage to your computer. DRIVER_IRQL_NOT_LESS_OR_EQUAL. Technical info stop:0x000000D1 atapi.sys address 1=74A7D23 base at F74A2000, datestamp 4802529d.
-------------------------------------
Also got the following:
microsoft windows
error signature
BCCode : 100000d1 BCP1 : 007500CC BCP2 : 0000000D BCP3 : 00000000
BCP4 : F74A7D23 OSVer : 5_1_2600 SP : 3_0 Product : 768_1

error report contents

The following files will be included in this error report:
C:\DOCUME~1\KRISTI~1.NEW\LOCALS~1\Temp\WERdbec.dir00\Mini091511-01.dmp
C:\DOCUME~1\KRISTI~1.NEW\LOCALS~1\Temp\WERdbec.dir00\sysdata.xml
------------------------------
and then this window opened:
http://wer.microsoft.com/responses/Response.aspx/10/en-us/5.1.2600.2.00010300.3.0?SGD=bb1badc3-9f3f-485a-abad-49f9705785d5
Stop (blue screen) error caused by a device or driver

You received this message because a hardware device, its driver, or related software has caused a stop error, also called a blue screen error. This type of error means the computer has shut down abruptly to protect itself from potential data corruption or loss. In this case, we were unable to detect the specific device or driver that caused the problem.

The following troubleshooting steps might prevent the stop error from recurring. Try them in the order given. If one step does not solve the problem, then move on to the next one.
Steps to solve this problem

Download and install the latest updates and device drivers for your computer

Scan your computer for viruses

Check your hard disk for errors
Steps to work around this problem

Warning
These steps are designed to address a particular problem but might do so by temporarily disabling or removing some functionality on your computer.

Remove any new hardware or software to isolate the cause of the blue screen

Restore your computer to an earlier state

Advanced troubleshooting

-----------------------------------

Extras.txt
TL Extras logfile created on: 9/15/2011 6:15:17 AM - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Kristina.Newman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.63% Memory free
3.33 Gb Paging File | 2.43 Gb Available in Paging File | 72.81% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.96 Gb Total Space | 69.46 Gb Free Space | 74.72% Space Free | Partition Type: NTFS

Computer Name: MSKMNEWMAN | User Name: Kristina.Newman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*

[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [FinePix] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" "%1" (FUJI PHOTO FILM CO.,LTD.)
Directory [FinePixPrint] -- "C:\Program Files\FinePixViewer\FinePixViewer.exe" /p "%1" (FUJI PHOTO FILM CO.,LTD.)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 1
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22008
"8085:TCP" = 8085:TCP:*:Enabled:fio32

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\TOSHIBA\ivp\NetInt\Netint.exe" = C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrade Engine -- (TOSHIBA Corporation)
"C:\TOSHIBA\Ivp\ISM\pinger.exe" = C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger -- (TOSHIBA Corporation)
"C:\Program Files\America Online 9.0\waol.exe" = C:\Program Files\America Online 9.0\waol.exe:*:Enabled:America Online 9.0 -- (America Online, Inc.)
"C:\Program Files\Yahoo!\Messenger\YPager.exe" = C:\Program Files\Yahoo!\Messenger\YPager.exe:*:Enabled:Yahoo! Messenger
"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server
"C:\Program Files\Yahoo! Games\Slingo Deluxe\Slingo.exe" = C:\Program Files\Yahoo! Games\Slingo Deluxe\Slingo.exe:*:Enabled:Slingo ®
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" = C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger
"D:\setup\HPZNUI01.EXE" = D:\setup\HPZNUI01.EXE:*:Enabled:hpznui01.exe
"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe" = C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent
"C:\Program Files\MySpace\IM\MySpaceIM.exe" = C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpaceIM
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" = C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe:*:Enabled:McAfee Shared Service Host -- (McAfee, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" = C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Program Files\Common Files\AOL\ACS\AOLDial.exe" = C:\Program Files\Common Files\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Program Files\Logitech\Vid HD\Vid.exe" = C:\Program Files\Logitech\Vid HD\Vid.exe:*:Enabled:Logitech Vid HD -- (Logitech Inc.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{008D69EB-70FF-46AB-9C75-924620DF191A}" = TOSHIBA Speech System SR Engine(U.S.) Version1.0
"{023EC958-023C-42D1-B2A4-E9E4BEF599FC}" = SweetIM for Messenger 2.6
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{09BDEEF0-5590-457D-89A9-5DB2742F9BBF}" = 32 Bit HP CIO Components Installer
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F7C2E47-089E-4d23-B9F7-39BE00100776}" = Toolbox
"{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}" = Sonic DLA
"{12A76360-388E-4B27-ABEB-D5FC5378DD2A}" = HPPhotoSmartPhotobookWebPack1
"{12B3A009-A080-4619-9A2A-C6DB151D8D67}" = TOSHIBA Assist
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{162d74e4-7d6d-4949-8018-50e96e314696}" = C6200_Help
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18669FF9-C8FE-407a-9F70-E674896B1DB4}" = GPBaseService
"{195F2C6C-A343-4b10-B1A4-3F00AB9E9DD9}" = Fax
"{1DDF840B-A50A-491E-BF44-6D6964C451A8}" = VGA USB Camera
"{20B30DC1-E423-4939-B51D-05C58B0F9BBB}" = HP Photosmart All-In-One Driver Software 10.0 Rel .2
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{24ED4D80-8294-11D5-96CD-0040266301AD}" = FinePixViewer Ver.4.2
"{266C7330-C0F4-49E5-8F20-A56F9F822875}" = SweetIM Toolbar for Internet Explorer 3.3
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2FA41EBB-3F5A-35C3-85D6-51EC72A11FBD}" = Google Gears
"{2FCE4FC5-6930-40E7-A4F1-F862207424EF}" = InterVideo WinDVD Creator 2
"{3248F0A8-6813-11D6-A77B-00B0D0150020}" = J2SE Runtime Environment 5.0 Update 2
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{34BFB099-07B2-4E95-A673-7362D60866A2}" = PSSWCORE
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{36FDBE6E-6684-462b-AE98-9A39A1B200CC}" = HPProductAssistant
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3FBF6F99-8EC6-41B4-8527-0A32241B5496}" = TOSHIBA Speech System TTS Engine(U.S.) Version1.0
"{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}" = Microsoft Works
"{425A2BC2-AA64-4107-9C29-484245BBEA05}" = TOSHIBA Software Upgrades
"{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}" = TOSHIBA SD Memory Card Format
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B5E17D7-C0CF-4CC3-8870-0181D622B93C}" = Kensington Keyboard
"{4C78937F-0C8E-11D9-A3EB-0001025FA304}" = Kensington MouseWorks
"{4CACFCD9-F71B-413A-8DF5-1A6419D5CDC6}" = Cards_Calendar_OrderGift_DoMorePlugout
"{5109C064-813E-4e87-B0DE-C8AF7B5BC02B}" = SmartWebPrintingOC
"{52A69E11-7CEB-4a7d-9607-68BA4F39A89B}" = DeviceDiscovery
"{5490882C-6961-11D5-BAE5-00E0188E010B}" = FUJIFILM USB Driver
"{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1" = iolo technologies' System Mechanic
"{5ACE69F0-A3E8-44eb-88C1-0A841E700180}" = TrayApp
"{5D96E2B1-D9AC-46E0-9073-425C5F63E338}" = Touch and Launch
"{64212898-097F-4F3F-AECA-6D34A7EF82DF}" = TOSHIBA Zooming Utility
"{64DD71BC-3109-4C88-9AD3-D5422644B722}" = TOSHIBA Hotkey Utility
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{679EC478-3FF9-4987-B2FF-C2C2B27532A2}" = DocProc
"{687FEF8A-8597-40b4-832C-297EA3F35817}" = BufferChm
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69BE47C2-36FE-4397-8199-85D8EAE69982}" = TOSHIBA TouchPad ON/Off Utility
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6B437F94-056F-4791-AF2C-0D10E2706AF0}" = PanoStandAlone
"{6DE14BE4-6F04-4935-8ABD-A0A19FE2E55A}" = mCore
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{6FFFE74E-3FBD-4E2E-97F9-5E9A2A077626}" = mIWCA
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{735619D4-B42A-437A-958C-199BFCAEDB38}" = Safari
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}" = TOSHIBA Utilities
"{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = TIxx21/x515
"{80533B67-C407-485D-8B5D-63BB8ED9D878}" = Scan
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A708DD8-A5E6-11D4-A706-000629E95E20}" = Intel(R) Graphics Media Accelerator Driver for Mobile
"{8A85DEAD-7C1F-4368-881C-72AC74CB2E91}" = UnloadSupport
"{8B12BA86-ADAC-4BA6-B441-FFC591087252}" = TOSHIBA Virtual Sound
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}" = InterVideo WinDVD for TOSHIBA
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{9541FED0-327F-4DF0-8B96-EF57EF622F19}" = Sonic RecordNow!
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}" = DVD-RAM Driver
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}" = CD/DVD Drive Acoustic Silencer
"{A07840FC-CE63-4CB8-8030-EF4B9805925A}" = HPPhotoSmartDiscLabel_PaperLabel
"{A0B9F8DF-C949-45ed-9808-7DC5C0C19C81}" = Status
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A5AB9D5E-52E2-440e-A3ED-9512E253C81A}" = SolutionCenter
"{A5F68DC8-0278-4AD8-B413-861509B5F25B}" = ArcSoft Panorama Maker 3
"{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}" = TOSHIBA Controls
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.5
"{ADFB9653-F44C-460C-BF58-189CC552DFFE}" = hpphotosmartdisclabelplugin
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B4E91E95-A5BA-4E50-A465-DB7EFEB176E8}" = HPPhotoSmartDiscLabel_PrintOnDisc
"{B8DBED1E-8BC3-4d08-B94A-F9D7D88E9BBF}" = HPSSupply
"{b9be267c-e096-4cce-a4fd-f24eec004938}" = PS_AIO_02_ProductContext
"{BA561482-C49D-4687-A61C-96236C1688F0}" = ArcSoft Software Suite
"{BAD0FA60-09CF-4411-AE6A-C2844C8812FA}" = HP Photosmart Essential 2.5
"{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}" = TOSHIBA ConfigFree
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{c4549405-195f-4450-8865-6be9dc5ad136}" = PS_AIO_02_Software_Min
"{C45F4811-31D5-4786-801D-F79CD06EDD85}" = SD Secure Module
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CA72A82C-7DBC-4814-8CCB-E5BFAC59FAEF}" = ArcSoft MediaImpression for Kodak
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CB6F12AB-5878-2AEC-D416-949DD8C5BD35}" = VZWDownloadManager
"{CCB9B81A-167F-4832-B305-D2A0430840B3}" = WebReg
"{cd0b9359-b716-4fd0-8e0a-09b3e312e8a4}" = PS_AIO_02_Software
"{CD0DC280-2489-4464-A2FC-16104676394A}" = WD SmartWare
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}" = Bluetooth Stack for Windows by Toshiba
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{D680C913-5955-469D-9D88-C1940F7506D6}" = RAW FILE CONVERTER LE
"{D99A8E3A-AE5A-4692-8B19-6F16D454E240}" = Destination Component
"{DD3C88A0-C53C-41D0-A21B-6D021981D23E}" = HPPhotoSmartDiscLabelContent1
"{E08DC77E-D09A-4e36-8067-D6DBBCC5F8DC}" = VideoToolkit01
"{EE033C1F-443E-41EC-A0E2-559B539A4E4D}" = TOSHIBA Speech System Applications
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}" = SMSC IrCC V5.1.3600.5 SP2
"{F42CD69D-E393-47c8-B2CD-B139C4ADA9A8}" = Copy
"{F6090A17-0967-4A8A-B3C3-422A1B514D49}" = mDrWiFi
"{F6C405D2-C50D-4D10-B89E-73A233A14D74}" = Toshiba Registration
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"{FE54D686-ACC0-42db-A46B-987A5B6D8325}" = C6200
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"{FF3999BE-1A7B-4738-88AA-97BF14094A4A}" = PictureProject
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"America Online us" = America Online (Choose which version to remove)
"AOL Connectivity Services" = AOL Connectivity Services
"com.verizon.mediastore.vzwdownloadmanager.BEEF85639ECFAE88C004EA3A5F976EE5386C7526.1" = MP3 Download Manager
"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Express" = Express Dictate
"Google Desktop" = Google Desktop
"HP Imaging Device Functions" = HP Imaging Device Functions 10.0
"HP Photosmart Essential" = HP Photosmart Essential 2.5
"HP Smart Web Printing" = HP Smart Web Printing
"HP Solution Center & Imaging Support Tools" = HP Solution Center 10.0
"HPOCR" = OCR Software by I.R.I.S. 10.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{7ED0C3C2-6A3B-4FD1-97C8-20613D7D9ACF}" = Texas Instruments PCIxx21/x515 drivers.
"InterActual Player" = InterActual Player
"Logitech Vid" = Logitech Vid HD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 6.0.2 (x86 en-US)" = Mozilla Firefox 6.0.2 (x86 en-US)
"MSC" = McAfee AntiVirus Plus
"MSNINST" = MSN
"MWASPI" = MicroStaff WINASPI
"PC Diagnostic Tool" = TOSHIBA PC Diagnostic Tool
"PictureProject In Touch Downloader" = PictureProject In Touch Downloader 1.0
"Power Saver" = TOSHIBA Power Saver
"ProInst" = Intel(R) PROSet/Wireless Software
"Scribe" = Express Scribe
"SelectRebatesUninstall" = ShopAtHome.com Toolbar
"Shop for HP Supplies" = Shop for HP Supplies
"StreetPlugin" = Learn2 Player (Uninstall Only)
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TOSHIBA Software Modem" = TOSHIBA Software Modem
"Toshiba Tbiosdrv Driver" = Toshiba Tbiosdrv Driver
"ViewpointMediaPlayer" = Viewpoint Media Player
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows Media Player" = Windows Media Player 10
"Windows XP Service Pack" = Windows XP Service Pack 3
"Yahoo! Search Defender" = Yahoo! Search Protection
"Yahoo! Software Update" = Yahoo! Software Update
"Zuma Deluxe 1.0" = Zuma Deluxe 1.0

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/8/2011 2:57:12 PM | Computer Name = MSKMNEWMAN | Source = crypt32 | ID = 131080
Description = Failed auto update retrieval of third-party root list sequence number
from:
with error: This network connection does not exist.

Error - 9/12/2011 9:46:20 PM | Computer Name = MSKMNEWMAN | Source = Application Hang | ID = 1002
Description = Hanging application mcagent.exe, version 10.5.240.0, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 9/12/2011 9:46:23 PM | Computer Name = MSKMNEWMAN | Source = Application Hang | ID = 1002
Description = Hanging application Commy.exe, version 11.8.1.5, hang module hungapp,
version 0.0.0.0, hang address 0x00000000.

Error - 9/12/2011 9:46:23 PM | Computer Name = MSKMNEWMAN | Source = Application Hang | ID = 1001
Description = Fault bucket -1761492251.

Error - 9/12/2011 11:49:35 PM | Computer Name = MSKMNEWMAN | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 3380 (0xd34) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\Common
Files\McAfee\SystemCore\mferkda.dll by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)


Error - 9/12/2011 11:51:23 PM | Computer Name = MSKMNEWMAN | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 364 (0x16c) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\Common
Files\McAfee\SystemCore\mfeapfa.dll by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)


Error - 9/13/2011 12:01:02 AM | Computer Name = MSKMNEWMAN | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2728 (0xaa8) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Toshiba\IVP\ISM\pinger.exe

by C:\WINDOWS\Explorer.EXE 4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0)

5006(0)(0) 5004(0)(0)

Error - 9/13/2011 12:01:57 AM | Computer Name = MSKMNEWMAN | Source = .NET Runtime 2.0 Error Reporting | ID = 1000
Description = Faulting application wdsmartware.exe, version 1.1.1.6, stamp 4ad642c6,
faulting module mscorwks.dll, version 2.0.50727.3623, stamp 4d8c187e, debug? 0,
fault address 0x000b0dd2.

Error - 9/13/2011 5:33:30 AM | Computer Name = MSKMNEWMAN | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 2968 (0xb98) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\WINDOWS\system32\mfcftp.dll

by C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe 4(0)(0) 4(0)(0) 7200(0)(0)

7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)

Error - 9/13/2011 5:35:35 AM | Computer Name = MSKMNEWMAN | Source = McLogEvent | ID = 5051
Description = A thread in process C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
took longer than 90000 ms to complete a request. The process will be terminated.
Thread
id : 1576 (0x628) Thread address : 0x7C90E514 Thread message : Build VSCORE.14.2.0.835
/ 5400.1158 Object being scanned = \Device\HarddiskVolume1\Program Files\Common
Files\McAfee\SystemCore\mfebopa.dll by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

4(0)(0) 4(0)(0) 7200(0)(0) 7595(0)(0) 7005(0)(0) 7004(0)(0) 5006(0)(0) 5004(0)(0)


[ OSession Events ]
Error - 6/14/2010 12:17:43 AM | Computer Name = MSKMNEWMAN | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1468
seconds with 1080 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 9/13/2011 5:32:23 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 9/13/2011 5:32:33 AM | Computer Name = MSKMNEWMAN | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.113,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 9/13/2011 5:33:31 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 1
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.

Error - 9/13/2011 5:35:36 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7031
Description = The McShield service terminated unexpectedly. It has done this 2
time(s). The following corrective action will be taken in 5000 milliseconds: Restart
the service.

Error - 9/13/2011 5:52:44 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 9/13/2011 5:52:58 AM | Computer Name = MSKMNEWMAN | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.113,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 9/15/2011 6:24:28 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 9/15/2011 6:25:32 AM | Computer Name = MSKMNEWMAN | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.113,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.

Error - 9/15/2011 7:08:50 AM | Computer Name = MSKMNEWMAN | Source = Service Control Manager | ID = 7022
Description = The HP CUE DeviceDiscovery Service service hung on starting.

Error - 9/15/2011 7:09:13 AM | Computer Name = MSKMNEWMAN | Source = ipnathlp | ID = 30013
Description = The DHCP allocator has disabled itself on IP address 192.168.1.113,
since
the IP address is outside the 192.168.0.0/255.255.255.0 scope from which addresses
are being allocated to DHCP clients. To enable the DHCP allocator on this IP address,
please
change the scope to include the IP address, or change the IP address to fall within
the scope.


< End of report >

-------------------------------
OTL.txt:
OTL logfile created on: 9/15/2011 6:15:17 AM - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Kristina.Newman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.63% Memory free
3.33 Gb Paging File | 2.43 Gb Available in Paging File | 72.81% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.96 Gb Total Space | 69.46 Gb Free Space | 74.72% Space Free | Partition Type: NTFS

Computer Name: MSKMNEWMAN | User Name: Kristina.Newman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/15 06:13:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
PRC - [2011/09/08 23:37:49 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/08 15:09:28 | 000,456,368 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
PRC - [2011/08/08 14:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/06/28 07:01:30 | 001,195,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/04/05 11:50:44 | 001,159,888 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcupdmgr.exe
PRC - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/10/14 14:32:46 | 009,085,760 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/10 12:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2005/05/31 23:00:12 | 000,282,624 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/05/31 22:59:58 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/04/12 18:18:46 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
PRC - [2004/10/15 14:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/14 17:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/08/28 02:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2002/09/20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/05 19:35:51 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011/09/05 19:35:18 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/09/05 19:34:35 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011/09/05 19:10:22 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
MOD - [2011/09/05 19:09:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/09/05 02:06:23 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/09/05 02:06:14 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/09/05 02:05:56 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/09/05 02:05:35 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
MOD - [2011/09/05 02:02:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/09/05 02:01:24 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/09/05 01:59:54 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/09/05 01:59:38 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 18:37:50 | 000,290,648 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/08/19 16:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 16:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2007/04/16 10:52:53 | 001,833,452 | ---- | M] () -- C:\WINDOWS\system32\mfcftp.dll
MOD - [2007/04/16 10:52:53 | 000,931,586 | ---- | M] () -- C:\WINDOWS\system32\comdev.dll
MOD - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
MOD - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
MOD - [2004/07/20 19:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/08 14:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/08/10 12:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/08/28 02:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2002/09/20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/14 14:01:38 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/04/14 14:01:38 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/04/14 14:01:38 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/04/14 14:01:38 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/04/14 14:01:38 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/04/14 14:01:38 | 000,084,200 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/04/14 14:01:38 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/04/14 14:01:38 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Pro Webcam C910(UVC)
DRV - [2010/05/14 16:58:58 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/11/08 12:59:50 | 000,530,304 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2005/12/01 15:17:40 | 000,014,208 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kkw_hid.sys -- (KKW_HID)
DRV - [2005/11/30 10:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/10/11 21:20:56 | 000,019,328 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\KRISTI~1NEW\LOCALS~1\Temp\isc2Ctmp\iscflash.sys -- (iscFlash)
DRV - [2005/09/01 11:41:56 | 000,092,032 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMW_SYS.sys -- (KMW_SYS)
DRV - [2005/09/01 11:41:36 | 000,005,760 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMW_KBD.sys -- (KMW_KBD)
DRV - [2005/09/01 11:41:34 | 000,010,496 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMW_USB.sys -- (KMW_USB)
DRV - [2005/07/04 17:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/06/27 20:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/06/02 05:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/05/30 20:28:38 | 000,008,576 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005/05/27 13:39:40 | 000,034,176 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/05/10 19:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/12 18:19:42 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/03/30 19:18:40 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/03/30 14:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/02 10:45:24 | 000,004,864 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/01/11 12:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2005/01/06 15:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 13:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/15 19:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004/11/29 20:51:52 | 000,122,928 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561)
DRV - [2004/10/29 21:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/10/15 14:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/10/04 12:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/08/12 11:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/06/16 13:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003/09/19 18:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/16 15:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2000/03/29 20:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========

OTL.txt part 2:

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 68 94 69 8A 67 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.iWon.com/Plugin: C:\Program Files\iWonEI\Installr\2.bin\NPjfEISB.dll (iWon)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 22:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/09/12 20:57:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/12 20:43:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/09 09:43:44 | 000,000,000 | ---D | M]

[2009/09/12 13:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Extensions
[2009/09/12 13:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/09/06 11:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions
[2011/08/03 10:58:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/06 11:15:21 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\smartlinks@getsmartlinks.com
[2011/05/11 21:22:11 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\toolbar@shopathome.com
[2009/09/28 20:46:40 | 000,002,160 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\searchplugins\MySpace.xml
[2011/05/11 21:51:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/11 21:51:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/30 14:27:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/04/30 14:27:11 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/11 21:50:30 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/12 20:57:29 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2009/09/02 03:00:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/12 20:43:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/05/18 23:31:11 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/05/18 23:31:12 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/11 21:50:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/09/12 20:42:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/30 14:29:28 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - No CLSID value found.
O2 - BHO: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - No CLSID value found.
O2 - BHO: (no name) - {9291ddd4-88b0-4a07-a03f-653287bb7b37} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9291ddd4-88b0-4a07-a03f-653287bb7b37} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9291DDD4-88B0-4A07-A03F-653287BB7B37} - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSWheel] File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinner.com/games/v54/zengems/zengems.cab (ZenGems Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinner.com/games/v48/brickout/brickout.cab (Brickout Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab (Bejeweled Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab (Blockwerx Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} http://www.worldwinner.com/games/v57/cubis/cubis.cab (Cubis Control)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinner.com/games/v57/wof/wof.cab (WoF Control)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinner.com/games/v50/luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinner.com/games/v67/swapit/swapit.cab (SwapIt Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinner.com/games/v46/monopoly/monopoly.cab (Monopoly Control)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinner.com/games/v42/tilecity/tilecity.cab (Tilecity Control)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab (DinerDash Control)
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab (MysteryPI Control)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7AAF66F-105B-4B79-8598-CD97AFB6106C}: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\comdev: DllName - (comdev.dll) - C:\WINDOWS\System32\comdev.dll ()
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/28 15:12:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell - "" = AutoRun
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet: mfefirek - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 06:13:44 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
[2011/09/15 06:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/09/12 22:00:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/12 21:17:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/12 21:17:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/12 21:17:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/12 21:17:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/12 20:51:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/08 23:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2011/09/08 23:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\My Documents\SightSpeed Recordings
[2011/09/08 23:21:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\LogiShrd
[2011/09/08 23:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\Leadertech
[2011/09/08 22:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\logishrd
[2011/09/08 22:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2011/09/08 22:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/09/08 22:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/09/08 22:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/09/08 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/09/08 22:44:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011/09/08 22:44:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/09/06 19:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/09/06 13:18:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/06 13:18:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kristina.Newman\Start Menu\Programs\Administrative Tools
[2011/09/06 11:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\OpenCandy
[2011/09/06 11:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\OpenCandy
[2011/09/06 02:15:40 | 000,000,000 | ---D | C] -- C:\sm452v12
[2011/09/03 05:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/02 12:19:53 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2011/09/02 12:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\iolo
[2011/09/01 14:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/09/01 14:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/09/01 14:17:13 | 002,083,464 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2011/09/01 14:17:13 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/09/01 14:17:12 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offreg.dll
[2011/09/01 14:17:12 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/09/01 14:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2011/09/01 14:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\iolo
[2011/09/01 14:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/08/31 07:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\Malwarebytes
[2011/08/31 07:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/31 07:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/31 07:04:57 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/31 07:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/28 21:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/08/28 21:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/28 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/28 21:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/28 20:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/08/28 20:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2005/07/28 15:39:18 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

========== Files - Modified Within 30 Days ==========

[2011/09/15 06:13:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
[2011/09/15 06:11:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/15 06:11:03 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/15 06:07:19 | 000,000,324 | -HS- | M] () -- C:\WINDOWS\tasks\Buqvlyk.job
[2011/09/15 06:07:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/15 06:07:14 | 2138,554,368 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 05:43:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/15 05:43:02 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/15 05:41:33 | 000,913,968 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\Read This Before Posting.mht
[2011/09/15 05:27:41 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{939B4311-85DC-4067-807D-857ADBC3E39E}.job
[2011/09/12 22:00:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/12 19:28:36 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/09 09:43:45 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/09 04:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/08 23:30:07 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2011/09/08 22:53:54 | 000,001,269 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2011/09/06 10:59:35 | 000,000,357 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\BIOS Launcher.lnk
[2011/09/05 02:07:53 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/05 02:04:22 | 002,339,003 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\dirty heatsink.jpg
[2011/09/05 02:00:33 | 000,446,358 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/05 02:00:33 | 000,073,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/01 14:19:22 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/09/01 14:17:41 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\System Mechanic.lnk
[2011/09/01 14:13:31 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2011/08/31 19:50:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/31 07:05:05 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/28 21:31:47 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/08/28 21:31:46 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/08/28 21:25:37 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/28 20:54:53 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

========== Files Created - No Company Name ==========

[2011/09/15 05:41:21 | 000,913,968 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\Read This Before Posting.mht
[2011/09/12 22:00:33 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/12 22:00:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/12 21:42:57 | 2138,554,368 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/12 21:17:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/12 21:17:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/12 21:17:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/12 21:17:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/12 21:17:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/08 23:30:07 | 000,001,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2011/09/08 22:53:54 | 000,001,269 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2011/09/08 14:06:17 | 002,339,003 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\dirty heatsink.jpg
[2011/09/06 02:15:44 | 000,000,357 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\BIOS Launcher.lnk
[2011/09/05 01:29:36 | 000,178,996 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of hailey with grandparents 3.jpg
[2011/09/05 01:29:35 | 000,052,482 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents 3.jpg
[2011/09/05 01:29:35 | 000,050,539 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 5.jpg
[2011/09/05 01:29:35 | 000,046,819 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin.jpg
[2011/09/05 01:29:35 | 000,039,649 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents 2.jpg
[2011/09/05 01:29:35 | 000,037,614 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents.jpg
[2011/09/05 01:29:34 | 000,108,821 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Halloween.jpg
[2011/09/05 01:29:34 | 000,053,469 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 4.jpg
[2011/09/05 01:29:34 | 000,051,878 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 3.jpg
[2011/09/05 01:29:34 | 000,051,795 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 2.jpg
[2011/09/05 01:29:34 | 000,046,864 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 2.jpg
[2011/09/05 01:29:34 | 000,043,553 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 3.jpg
[2011/09/05 01:29:34 | 000,031,936 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 5.jpg
[2011/09/05 01:29:34 | 000,030,279 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca.jpg
[2011/09/05 01:29:33 | 000,597,303 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 006.jpg
[2011/09/05 01:29:33 | 000,136,160 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of hailey cake 3.jpg
[2011/09/05 01:29:33 | 000,038,394 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake 3.jpg
[2011/09/05 01:29:33 | 000,037,396 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake.jpg
[2011/09/05 01:29:33 | 000,036,259 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake 2.jpg
[2011/09/05 01:29:32 | 000,779,637 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 005.jpg
[2011/09/05 01:29:30 | 001,980,084 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 003.jpg
[2011/09/05 01:29:29 | 001,980,084 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 001.jpg
[2011/09/05 01:29:29 | 000,131,204 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of Hailey & Mommy.jpg
[2011/09/05 01:29:28 | 000,201,111 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of family 5.jpg
[2011/09/05 01:29:28 | 000,124,789 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey & Mommy.jpg
[2011/09/05 01:29:28 | 000,069,416 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family.jpg
[2011/09/05 01:29:28 | 000,063,337 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 5.jpg
[2011/09/05 01:29:28 | 000,052,341 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 4.jpg
[2011/09/05 01:29:28 | 000,044,180 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey & mommy 3.jpg
[2011/09/05 01:29:28 | 000,040,923 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey & mommy 2.jpg
[2011/09/05 01:29:27 | 000,874,854 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of untitled.bmp
[2011/09/05 01:29:27 | 000,139,459 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of 34102_10150225229170607_610685606_13385285_6298219_n.jpg
[2011/09/05 01:29:27 | 000,121,878 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\dads wedding.bmp
[2011/09/05 01:29:27 | 000,070,903 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 3.jpg
[2011/09/05 01:29:27 | 000,067,579 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 2.jpg
[2011/09/05 01:29:27 | 000,052,524 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\dad & diane.jpg
[2011/09/05 01:29:27 | 000,048,933 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Dad and me.jpg
[2011/09/05 01:29:26 | 000,188,240 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of 29893_10150204380060607_610685606_12767286_3877023_n.jpg
[2011/09/05 01:29:26 | 000,091,181 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Avery.jpg
[2011/09/05 01:29:26 | 000,034,023 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\bros.jpg
[2011/09/05 01:29:26 | 000,027,119 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\545300523_1929641253_524859740_1278473927404.jpg
[2011/09/05 01:29:26 | 000,011,537 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\545300523_1929641253_524859740_1278473909919.jpg
[2011/09/05 01:29:26 | 000,011,187 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580429_1540246105_0.jpg
[2011/09/05 01:29:26 | 000,010,485 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580640_1540246932_0.jpg
[2011/09/05 01:29:26 | 000,009,391 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580842_1540247706_0.jpg
[2011/09/05 01:29:26 | 000,004,085 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442581530_1540250321_0.jpg
[2011/09/05 01:29:25 | 000,012,794 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579246_1540241732_0.jpg
[2011/09/05 01:29:25 | 000,011,548 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578495_1540238960_0.jpg
[2011/09/05 01:29:25 | 000,011,529 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579973_1540244431_0.jpg
[2011/09/05 01:29:25 | 000,010,374 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579720_1540243474_0.jpg
[2011/09/05 01:29:25 | 000,010,213 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578762_1540239957_0.jpg
[2011/09/05 01:29:25 | 000,010,077 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578108_1540237550_0.jpg
[2011/09/05 01:29:25 | 000,009,219 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580202_1540245268_0.jpg
[2011/09/05 01:29:25 | 000,008,915 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579031_1540240910_0.jpg
[2011/09/05 01:29:25 | 000,008,870 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577866_1540236662_0.jpg
[2011/09/05 01:29:24 | 000,168,510 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\40978_105301456193883_100001420879024_46653_5434470_n.jpg
[2011/09/05 01:29:24 | 000,158,768 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\32461_121432367884053_100000518705474_224660_1149171_n.jpg
[2011/09/05 01:29:24 | 000,140,394 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\34102_10150225229165607_610685606_13385284_5035348_n.jpg
[2011/09/05 01:29:24 | 000,123,666 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\33496_105290586194970_100001420879024_46542_3440585_n.jpg
[2011/09/05 01:29:24 | 000,066,667 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\29893_10150204380060607_610685606_12767286_3877023_n.jpg
[2011/09/05 01:29:24 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\34102_10150225229170607_610685606_13385285_6298219_n.jpg
[2011/09/05 01:29:24 | 000,011,896 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577635_1540235854_0.jpg
[2011/09/05 01:29:24 | 000,009,970 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577331_1540234752_0.jpg
[2011/09/01 14:19:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/09/01 14:17:41 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\System Mechanic.lnk
[2011/09/01 14:13:31 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/08/31 07:05:06 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/31 07:05:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/28 21:25:37 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/28 20:54:52 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/05/02 12:14:45 | 000,001,302 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2u1gy43u8px6b83kf3128b30xu2o810051k
[2011/04/18 19:09:28 | 000,013,906 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\4o8dd5y80jo00c4a2tdod0i741466er6s8n6h8pv7n
[2011/04/10 22:35:11 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\umloaderq.dll
[2011/01/07 19:55:30 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Application Data\MyPhrases.dta
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/12 23:14:50 | 000,060,580 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/01/19 17:10:32 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\kmw_show.exe
[2008/08/26 13:45:33 | 000,164,906 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2008/08/26 13:45:33 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2008/02/04 22:15:59 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/12/10 01:26:51 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP7311.INI
[2007/11/26 21:59:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2007/10/30 20:49:47 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/11/14 18:49:11 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2006/09/26 21:33:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/09/26 20:45:24 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/12/22 18:34:34 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2005/12/22 18:34:34 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2005/12/09 12:41:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/08 13:53:05 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/08/08 13:53:05 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/08/08 13:47:49 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/07/28 16:20:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/28 16:17:57 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/28 16:15:03 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/07/28 16:15:03 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/07/28 16:15:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/07/28 16:15:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/07/28 16:15:03 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/07/28 16:15:03 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/07/28 16:13:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/07/28 16:12:59 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2005/07/28 15:55:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2005/07/28 15:44:46 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/07/28 15:44:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/07/28 15:44:46 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/07/28 15:44:46 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/07/28 15:40:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\InstDrvr.exe
[2005/07/28 15:40:24 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/07/28 15:39:18 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/07/28 15:19:39 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/28 15:14:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/07/28 15:10:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/07/28 15:08:47 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/07/28 13:50:53 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/28 13:48:07 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/07/28 13:48:02 | 000,446,358 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/07/28 13:48:02 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/07/28 13:48:02 | 000,073,398 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/07/28 13:48:02 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/07/28 13:48:00 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/07/28 13:47:58 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/07/28 13:47:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/28 13:47:49 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\mprmsg.dll
[2005/07/28 13:47:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/07/28 13:47:47 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/07/28 13:47:44 | 003,329,630 | ---- | C] () -- C:\WINDOWS\System32\sndlan.exe
[2005/07/28 13:47:44 | 001,833,452 | ---- | C] () -- C:\WINDOWS\System32\mfcftp.dll
[2005/07/28 13:47:44 | 000,931,586 | ---- | C] () -- C:\WINDOWS\System32\comdev.dll
[2005/07/28 13:47:44 | 000,379,443 | ---- | C] () -- C:\WINDOWS\System32\usbman.dll
[2005/07/28 13:47:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/07/28 13:47:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/07/28 08:04:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/07/28 08:03:39 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/30 15:15:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 17:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/09/22 12:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/12 11:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 20:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/29 17:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

otl.txt part 3:

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/12 20:43:05 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/12 20:42:57 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/12 20:42:54 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/04/10 22:35:11 | 000,081,920 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\umloaderq.dll

< %systemroot%\Tasks\*.job /lockedfiles >
[2011/09/15 06:07:19 | 000,000,324 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\Buqvlyk.job

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/02/04 22:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/04/30 12:48:15 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2005/07/28 15:43:11 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011/07/22 10:38:55 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2006/11/14 18:42:31 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2011/08/28 21:03:02 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/09/08 22:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/03/21 18:39:32 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/05/11 21:31:36 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2005/07/28 16:10:24 | 000,000,000 | ---D | M] -- C:\Program Files\DataLode
[2005/07/28 15:56:17 | 000,000,000 | ---D | M] -- C:\Program Files\DVD-RAM
[2009/09/16 16:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\FilmLoop Player
[2008/07/08 21:47:45 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
[2010/03/05 22:01:38 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/08/26 13:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2008/08/29 20:43:10 | 000,000,000 | ---D | M] -- C:\Program Files\iLinc
[2005/07/28 16:24:26 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2010/12/18 23:26:41 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/12/09 12:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2006/09/26 20:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/09/05 01:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/12/09 12:38:14 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2011/09/01 14:17:11 | 000,000,000 | ---D | M] -- C:\Program Files\iolo
[2011/08/28 21:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2006/11/14 19:32:49 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2011/08/28 21:25:17 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/17 23:32:45 | 000,000,000 | ---D | M] -- C:\Program Files\iWonEI
[2011/05/11 21:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/01/19 17:10:27 | 000,000,000 | ---D | M] -- C:\Program Files\Kensington
[2010/12/18 23:26:42 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2005/07/28 16:21:44 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2011/09/09 08:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2005/07/28 15:44:46 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2011/09/12 20:57:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/19 01:50:40 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2011/02/19 01:49:27 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2010/08/22 21:10:14 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2005/07/28 15:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011/09/06 10:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/09/02 18:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/11/09 04:11:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/09/02 18:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/24 03:02:36 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/09/12 20:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/04/23 18:24:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/10/26 18:26:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/07/28 15:08:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/11/29 12:52:26 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/04/23 18:19:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2010/06/07 19:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2010/08/22 11:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2006/11/14 18:43:42 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2009/09/16 16:04:25 | 000,000,000 | ---D | M] -- C:\Program Files\Notebook Maximizer
[2005/07/28 15:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/16 04:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2006/11/14 18:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\PictureProject In Touch Downloader
[2011/02/04 22:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2009/10/09 03:08:40 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2009/09/16 16:11:55 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2011/08/28 20:55:47 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/04/23 18:24:28 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/12/22 18:29:46 | 000,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
[2011/08/28 21:32:05 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2011/08/31 20:27:43 | 000,000,000 | ---D | M] -- C:\Program Files\SelectRebates
[2008/07/09 17:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\Siber Systems
[2005/12/09 12:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2009/05/24 10:08:38 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
[2005/07/28 15:46:10 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2005/12/13 15:39:57 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
[2006/11/06 22:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\TryMedia
[2007/12/10 01:26:53 | 000,000,000 | ---D | M] -- C:\Program Files\VGA USB Camera
[2005/07/28 16:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/04/30 20:54:09 | 000,000,000 | ---D | M] -- C:\Program Files\VZWDownloadManager
[2010/06/05 18:26:14 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2010/08/22 11:58:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/08/22 11:58:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/07/28 15:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/12/18 14:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\dllcache\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-15 10:47:01

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/02/07 15:04:30 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/02/07 15:04:30 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)

< End of report >
-------------------------------------------

Next I tried again to run the scan for aswmbr and before i even hit scan, it said 20:29:45:633 write error "ashbase.dll"

bump please

Hello.
Did you get an aswmbr log?

no, it wouldn't even run

Download the GMER Rootkit Scanner. Unzip it to your Desktop.

Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while the scan is being performed. Do not use your computer for anything else during the scan.

Double-click gmer.exe. The program will begin to run.

**Caution**
These types of scans can produce false positives. Do NOT take any action on any "<--- ROOKIT" entries unless advised!

If possible rootkit activity is found, you will be asked if you would like to perform a full scan.

• Click NO
  
• In the right panel, you will see a bunch of boxes that have been checked ... leave everything checked and ensure the Show all box is un-checked.
  
• Now click the Scan button.
  Once the scan is complete, you may receive another notice about rootkit activity.
  
• Click OK.
  
• GMER will produce a log. Click on the [Save..] button, and in the File name area, type in "GMER.txt"
  
• Save it where you can easily find it, such as your desktop.
  

Post the contents of GMER.txt in your next reply.

Hi, sorry it took so long to get back to you! In the meantime, I was able to restore to an earlier time on the laptop...however, booting into windows would give me the "NTLDR is compressed" message, so the only way i am able to get into safe mode and do anything, is to boot with Hiren's boot cd...then choose boot from harddisk, and choose safe mode with networking....ok, so i did that, reran otl, and will post the otl.txt below. Then i ran aswmbr. It asked me if i wanted to download the avast definitions; i said no...then i ran the scan and it ended quickly with an error message i will post below. I tried running it a second time, and it seemed to run for a long time (stuck at the "service scanning" level for at least 35 minutes), and I had to turn off the computer in order to get out of it.

otl:
OTL logfile created on: 9/15/2011 6:15:17 AM - Run 1
OTL by OldTimer - Version 3.2.28.0 Folder = C:\Documents and Settings\Kristina.Newman\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.99 Gb Total Physical Memory | 1.17 Gb Available Physical Memory | 58.63% Memory free
3.33 Gb Paging File | 2.43 Gb Available in Paging File | 72.81% Paging File free
Paging file location(s): C:\pagefile.sys 1524 3048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 92.96 Gb Total Space | 69.46 Gb Free Space | 74.72% Space Free | Partition Type: NTFS

Computer Name: MSKMNEWMAN | User Name: Kristina.Newman | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/15 06:13:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
PRC - [2011/09/08 23:37:49 | 000,140,952 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
PRC - [2011/08/31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/08/08 15:09:28 | 000,456,368 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\System Mechanic\SystemGuardAlerter.exe
PRC - [2011/08/08 14:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
PRC - [2011/06/28 07:01:30 | 001,195,408 | ---- | M] (McAfee, Inc.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
PRC - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
PRC - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
PRC - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) -- C:\WINDOWS\system32\mfevtps.exe
PRC - [2011/04/05 11:50:44 | 001,159,888 | ---- | M] (McAfee, Inc.) -- c:\Program Files\McAfee\MSC\mcupdmgr.exe
PRC - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
PRC - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
PRC - [2010/05/07 18:35:22 | 000,165,208 | ---- | M] (Logitech Inc.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
PRC - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
PRC - [2009/10/14 14:32:46 | 009,085,760 | ---- | M] (Western Digital) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
PRC - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
PRC - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
PRC - [2008/04/13 19:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005/08/10 12:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
PRC - [2005/05/31 23:00:12 | 000,282,624 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSMain.exe
PRC - [2005/05/31 22:59:58 | 000,045,056 | ---- | M] (TOSHIBA Corporation) -- C:\WINDOWS\system32\TPSBattM.exe
PRC - [2005/04/12 18:18:46 | 000,184,320 | ---- | M] (Agere Systems) -- C:\Program Files\ltmoh\ltmoh.exe
PRC - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
PRC - [2004/10/15 14:27:38 | 000,389,120 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2004/10/14 17:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2004/08/28 02:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) -- C:\WINDOWS\system32\DVDRAMSV.exe
PRC - [2002/09/20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/05 19:35:51 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011/09/05 19:35:18 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\70a1400affdc775d7c7398e036359286\System.ServiceProcess.ni.dll
MOD - [2011/09/05 19:34:35 | 000,998,400 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\6e563a58e6fc0117070d5b8fd59e4e1b\System.Management.ni.dll
MOD - [2011/09/05 19:10:22 | 001,712,128 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\c6b19db2534042d435ede580f92bc75c\Microsoft.VisualBasic.ni.dll
MOD - [2011/09/05 19:09:34 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011/09/05 02:06:23 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011/09/05 02:06:14 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011/09/05 02:05:56 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011/09/05 02:05:35 | 006,616,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Data\db2d84e279807592a680ef4135e9fe9a\System.Data.ni.dll
MOD - [2011/09/05 02:02:02 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011/09/05 02:01:24 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011/09/05 01:59:54 | 002,933,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2011/09/05 01:59:38 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010/05/07 18:43:52 | 000,651,096 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
MOD - [2010/05/07 18:37:50 | 000,290,648 | ---- | M] () -- C:\Program Files\Common Files\LogiShrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
MOD - [2010/05/07 18:37:40 | 000,126,808 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2010/05/07 18:37:40 | 000,027,480 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2010/05/07 18:36:54 | 000,340,824 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2010/05/07 18:36:20 | 000,921,944 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QtNetwork4.dll
MOD - [2010/05/07 18:35:56 | 007,954,776 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2010/05/07 18:35:44 | 002,143,576 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010/05/07 18:34:58 | 000,168,792 | ---- | M] () -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe
MOD - [2009/08/19 16:49:08 | 000,049,152 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\Memeo.API.dll
MOD - [2009/07/29 16:24:14 | 000,504,293 | ---- | M] () -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\sqlite3.dll
MOD - [2007/04/16 10:52:53 | 001,833,452 | ---- | M] () -- C:\WINDOWS\system32\mfcftp.dll
MOD - [2007/04/16 10:52:53 | 000,931,586 | ---- | M] () -- C:\WINDOWS\system32\comdev.dll
MOD - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () -- c:\Toshiba\IVP\swupdate\swupdtmr.exe
MOD - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS\system32\PAStiSvc.exe
MOD - [2004/07/20 19:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/08/08 14:15:42 | 000,722,616 | ---- | M] (iolo technologies, LLC) [Auto | Running] -- C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe -- (ioloSystemService)
SRV - [2011/04/14 14:01:38 | 000,188,136 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe -- (mfefire)
SRV - [2011/04/14 14:01:38 | 000,171,168 | ---- | M] () [Unknown | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)
SRV - [2011/04/14 14:01:38 | 000,141,792 | ---- | M] (McAfee, Inc.) [Unknown | Running] -- C:\WINDOWS\system32\mfevtps.exe -- (mfevtp)
SRV - [2010/10/07 21:34:28 | 000,364,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2010/05/07 18:47:32 | 000,162,648 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McMPFSvc)
SRV - [2010/03/10 11:14:44 | 000,271,480 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)
SRV - [2009/10/14 14:31:02 | 000,098,304 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV - [2009/06/16 09:58:08 | 000,020,480 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe -- (WDSmartWareBackgroundService)
SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Disabled | Stopped] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2005/08/10 12:15:50 | 000,035,328 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005/07/12 19:14:42 | 000,040,960 | ---- | M] () [Auto | Running] -- c:\Toshiba\IVP\swupdate\swupdtmr.exe -- (Swupdtmr)
SRV - [2005/01/17 18:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2005/01/14 12:32:38 | 000,053,248 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\PAStiSvc.exe -- (STI Simulator)
SRV - [2004/08/28 02:33:00 | 000,110,592 | ---- | M] (Matsushita Electric Industrial Co., Ltd.) [Auto | Running] -- C:\WINDOWS\system32\DVDRAMSV.exe -- (DVD-RAM_Service)
SRV - [2002/09/20 17:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))


========== Driver Services (SafeList) ==========

DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/04/14 14:01:38 | 000,387,480 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\mfehidk.sys -- (mfehidk)
DRV - [2011/04/14 14:01:38 | 000,314,088 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfefirek.sys -- (mfefirek)
DRV - [2011/04/14 14:01:38 | 000,153,280 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeavfk.sys -- (mfeavfk)
DRV - [2011/04/14 14:01:38 | 000,095,824 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfeapfk.sys -- (mfeapfk)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendiskmp)
DRV - [2011/04/14 14:01:38 | 000,088,736 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mfendisk.sys -- (mfendisk)
DRV - [2011/04/14 14:01:38 | 000,084,488 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mferkdet.sys -- (mferkdet)
DRV - [2011/04/14 14:01:38 | 000,084,200 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mfetdi2k.sys -- (mfetdi2k)
DRV - [2011/04/14 14:01:38 | 000,056,064 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cfwids.sys -- (cfwids)
DRV - [2011/04/14 14:01:38 | 000,052,320 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mfebopk.sys -- (mfebopk)
DRV - [2010/05/14 17:04:02 | 006,842,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC) Logitech HD Pro Webcam C910(UVC)
DRV - [2010/05/14 16:58:58 | 000,020,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\lvbusflt.sys -- (CompFilter)
DRV - [2010/05/07 18:43:30 | 000,025,824 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2009/02/13 12:02:52 | 000,011,520 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\wdcsam.sys -- (WDC_SAM)
DRV - [2006/11/10 16:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/11/08 12:59:50 | 000,530,304 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PA707UCM.SYS -- (PAC7311)
DRV - [2005/12/01 15:17:40 | 000,014,208 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kkw_hid.sys -- (KKW_HID)
DRV - [2005/11/30 10:12:36 | 000,162,560 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/10/11 21:20:56 | 000,019,328 | ---- | M] (Insyde Software) [Kernel | On_Demand | Stopped] -- C:\Documents and Settings\KRISTI~1NEW\LOCALS~1\Temp\isc2Ctmp\iscflash.sys -- (iscFlash)
DRV - [2005/09/01 11:41:56 | 000,092,032 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMW_SYS.sys -- (KMW_SYS)
DRV - [2005/09/01 11:41:36 | 000,005,760 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\KMW_KBD.sys -- (KMW_KBD)
DRV - [2005/09/01 11:41:34 | 000,010,496 | ---- | M] (Kensington Technology Group) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KMW_USB.sys -- (KMW_USB)
DRV - [2005/07/04 17:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005/06/27 20:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005/06/02 05:33:00 | 000,102,384 | ---- | M] (Matsushita Electric Industrial Co.,Ltd.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\meiudf.sys -- (meiudf)
DRV - [2005/05/30 20:28:38 | 000,008,576 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005/05/27 13:39:40 | 000,034,176 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2005/05/10 19:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005/04/12 18:19:42 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/03/30 19:18:40 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005/03/30 14:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005/03/02 10:45:24 | 000,004,864 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2005/01/11 12:05:00 | 000,204,160 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\KR10N.sys -- (KR10N)
DRV - [2005/01/06 15:42:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/12/21 13:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004/12/15 19:30:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd) Bluetooth Audio Device (WDM)
DRV - [2004/11/29 20:51:52 | 000,122,928 | ---- | M] (SP) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SPCA561.SYS -- (CA561)
DRV - [2004/10/29 21:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2004/10/15 14:20:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/10/04 12:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004/08/12 11:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/06/16 13:19:58 | 000,046,080 | ---- | M] (SMSC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2003/09/19 18:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (Pfc)
DRV - [2003/06/11 10:53:22 | 000,006,867 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\tbiosdrv.sys -- (TBiosDrv)
DRV - [2003/01/29 16:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2003/01/10 16:13:04 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2002/10/16 15:55:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Toshidpt.sys -- (toshidpt)
DRV - [2000/03/29 20:11:20 | 000,008,096 | ---- | M] (MicroStaff Co.,Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\MASPINT.SYS -- (MASPINT)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomSearch = http://us.rd.yahoo.com/customize/ie/defaults/cs/msgr8/*http://www.yahoo.com/ext/search/search.html
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 68 94 69 8A 67 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:2.9
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@ei.iWon.com/Plugin: C:\Program Files\iWonEI\Installr\2.bin\NPjfEISB.dll (iWon)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2010/03/05 22:01:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011/09/12 20:57:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/12 20:43:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/09 09:43:44 | 000,000,000 | ---D | M]

[2009/09/12 13:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Extensions
[2009/09/12 13:07:12 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Extensions\mozswing@mozswing.org
[2011/09/06 11:15:20 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions
[2011/08/03 10:58:12 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/09/06 11:15:21 | 000,000,000 | ---D | M] (BetterLinks) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\smartlinks@getsmartlinks.com
[2011/05/11 21:22:11 | 000,000,000 | ---D | M] (ShopAtHome.com Intelligent Shopping Toolbar) -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\extensions\toolbar@shopathome.com
[2009/09/28 20:46:40 | 000,002,160 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Mozilla\Firefox\Profiles\r02vssvw.default\searchplugins\MySpace.xml
[2011/05/11 21:51:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/05/11 21:51:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/04/30 14:27:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\distribution\extensions
[2011/04/30 14:27:11 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2011/05/11 21:50:30 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/12 20:57:29 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
[2009/09/02 03:00:33 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/12 20:43:05 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files\mozilla firefox\components\Scriptff.dll
[2011/05/18 23:31:11 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol400.dll
[2011/05/18 23:31:12 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files\mozilla firefox\plugins\NPcol500.dll
[2011/03/18 13:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/05/11 21:50:27 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/18 13:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2011/09/12 20:42:56 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/04/30 14:29:28 | 000,002,024 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\McSiteAdvisor.xml

O1 HOSTS File: ([2004/08/04 07:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - No CLSID value found.
O2 - BHO: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - No CLSID value found.
O2 - BHO: (no name) - {9291ddd4-88b0-4a07-a03f-653287bb7b37} - No CLSID value found.
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (no name) - {CE7C3CF0-4B15-11D1-ABED-709549C10000} - No CLSID value found.
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {9291ddd4-88b0-4a07-a03f-653287bb7b37} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {9291DDD4-88B0-4A07-A03F-653287BB7B37} - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {BC4FFE41-DE9F-46FA-B455-AAD49B9F9938} - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [LtMoh] C:\Program Files\ltmoh\ltmoh.exe (Agere Systems)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [MSWheel] File not found
O4 - HKLM..\Run: [Pinger] c:\toshiba\ivp\ism\pinger.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [TPSMain] C:\WINDOWS\System32\TPSMain.exe (TOSHIBA Corporation)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\WDSmartWare.lnk = C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe (Western Digital)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {02A2D714-433E-46E4-B217-7C3B3FAF8EAE} http://www.worldwinner.com/games/v47/scrabblecubes/scrabblecubes.cab (ScrabbleCubes Control)
O16 - DPF: {038E2507-7A48-41E2-94AD-7F23D199AF4E} http://www.worldwinner.com/games/v54/zengems/zengems.cab (ZenGems Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} https://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} http://www.worldwinner.com/games/v47/shared/FunGamesLoader.cab (FunGamesLoader Object)
O16 - DPF: {2C153C75-8476-434B-B3C3-57B63A3D1939} http://www.worldwinner.com/games/v48/brickout/brickout.cab (Brickout Control)
O16 - DPF: {615F158E-D5CA-422F-A8E7-F6A5EED7063B} http://www.worldwinner.com/games/v51/bejeweled/bejeweled.cab (Bejeweled Control)
O16 - DPF: {61900274-3323-4446-BDCD-91548D32AF1B} http://www.worldwinner.com/games/v56/spidersolitaire/spidersolitaire.cab (SpiderSolitaire Control)
O16 - DPF: {62969CF2-0F7A-433B-A221-FD8818C06C2F} http://www.worldwinner.com/games/v49/blockwerx/blockwerx.cab (Blockwerx Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} https://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8A0019EB-51FA-4AE5-A40B-C0496BBFC739} http://picture.vzw.com/activex/VerizonWirelessUploadControl.cab (Verizon Wireless Media Upload)
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab (Wwlaunch Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab (WorldWinner ActiveX Launcher Control)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {97438FE9-D361-4279-BA82-98CC0877A717} http://www.worldwinner.com/games/v57/cubis/cubis.cab (Cubis Control)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace.com/upload/MySpaceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {A52FBD2B-7AB3-4F6B-90E3-91C772C5D00F} http://www.worldwinner.com/games/v57/wof/wof.cab (WoF Control)
O16 - DPF: {A91FB93D-7561-4524-8484-5C27C8FA8D42} http://www.worldwinner.com/games/v50/luxor/luxor.cab (WwLuxor Control)
O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} http://www.worldwinner.com/games/v67/swapit/swapit.cab (SwapIt Control)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {BA35B9B8-DE9E-47C9-AFA7-3C77E3DDFD39} http://www.worldwinner.com/games/v46/monopoly/monopoly.cab (Monopoly Control)
O16 - DPF: {BA94245D-2AA0-4953-9D9F-B0EE4CC02C43} http://www.worldwinner.com/games/v42/tilecity/tilecity.cab (Tilecity Control)
O16 - DPF: {C5326A4D-E9AA-40AD-A09A-E74304D86B47} http://www.worldwinner.com/games/v52/dinerdash/dinerdash.cab (DinerDash Control)
O16 - DPF: {C82BB209-F528-46F9-96D5-69DEF7260916} http://www.worldwinner.com/games/v45/mysterypi/mysterypi.cab (MysteryPI Control)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 167.206.245.130 167.206.245.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F7AAF66F-105B-4B79-8598-CD97AFB6106C}: DhcpNameServer = 167.206.245.130 167.206.245.129
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\comdev: DllName - (comdev.dll) - C:\WINDOWS\System32\comdev.dll ()
O20 - Winlogon\Notify\IntelWireless: DllName - (C:\Program Files\Intel\Wireless\Bin\LgNotify.dll) - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005/07/28 15:12:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell - "" = AutoRun
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4fb3c481-a774-11dd-9861-0013ce973a65}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\MI.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found


SafeBootMin: AppMgmt - File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootMin: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: AppMgmt - File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: ioloSystemService - C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe (iolo technologies, LLC)
SafeBootNet: McMPFSvc - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: mcmscsvc - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Program Files\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: mfefire - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.)
SafeBootNet: mfefirek - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfefirek.sys - C:\WINDOWS\system32\drivers\mfefirek.sys (McAfee, Inc.)
SafeBootNet: mfehidk - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfehidk.sys - C:\WINDOWS\system32\drivers\mfehidk.sys (McAfee, Inc.)
SafeBootNet: mfevtp - C:\WINDOWS\system32\mfevtps.exe (McAfee, Inc.)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {A17E30C4-A9BA-11D4-8673-60DB54C10000} - Reg Error: Value error.
ActiveX: {AA218328-0EA8-4D70-8972-E987A9190FF4} - Reg Error: Value error.
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.I420 - C:\WINDOWS\System32\lvcodec2.dll (Logitech Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)

otl part 2:

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/09/15 06:13:44 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
[2011/09/15 06:07:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\McAfee
[2011/09/12 22:00:28 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/09/12 21:17:08 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/09/12 21:17:08 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/09/12 21:17:08 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/09/12 21:17:08 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/09/12 20:51:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/09/08 23:22:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\LogiShrd
[2011/09/08 23:21:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\My Documents\SightSpeed Recordings
[2011/09/08 23:21:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\LogiShrd
[2011/09/08 23:03:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\Leadertech
[2011/09/08 22:56:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\logishrd
[2011/09/08 22:55:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Logitech
[2011/09/08 22:55:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LWS
[2011/09/08 22:53:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Logitech
[2011/09/08 22:53:47 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2011/09/08 22:53:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2011/09/08 22:44:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2011/09/08 22:44:26 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2011/09/06 19:52:17 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2011/09/06 13:18:13 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/09/06 13:18:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kristina.Newman\Start Menu\Programs\Administrative Tools
[2011/09/06 11:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Local Settings\Application Data\OpenCandy
[2011/09/06 11:15:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\OpenCandy
[2011/09/06 02:15:40 | 000,000,000 | ---D | C] -- C:\sm452v12
[2011/09/03 05:17:37 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/02 12:19:53 | 000,551,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2011/09/02 12:03:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\iolo
[2011/09/01 14:17:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\iolo
[2011/09/01 14:17:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\System Mechanic
[2011/09/01 14:17:13 | 002,083,464 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\Incinerator32.dll
[2011/09/01 14:17:13 | 000,011,776 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\smrgdf.exe
[2011/09/01 14:17:12 | 000,056,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\offreg.dll
[2011/09/01 14:17:12 | 000,029,696 | ---- | C] (iolo technologies, LLC) -- C:\WINDOWS\System32\iolobtdfg.exe
[2011/09/01 14:17:11 | 000,000,000 | ---D | C] -- C:\Program Files\iolo
[2011/09/01 14:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\iolo
[2011/09/01 14:12:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\iolo
[2011/08/31 07:05:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kristina.Newman\Application Data\Malwarebytes
[2011/08/31 07:05:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/08/31 07:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/08/31 07:04:57 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/31 07:04:56 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/08/28 21:25:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/08/28 21:21:40 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/08/28 21:20:10 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/08/28 21:02:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/08/28 20:54:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/08/28 20:50:40 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2005/07/28 15:39:18 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\DLLVGA.dll

========== Files - Modified Within 30 Days ==========

[2011/09/15 06:13:56 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kristina.Newman\Desktop\OTL.com
[2011/09/15 06:11:12 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/09/15 06:11:03 | 000,000,900 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/15 06:07:19 | 000,000,324 | -HS- | M] () -- C:\WINDOWS\tasks\Buqvlyk.job
[2011/09/15 06:07:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/09/15 06:07:14 | 2138,554,368 | -HS- | M] () -- C:\hiberfil.sys
[2011/09/15 05:43:08 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/09/15 05:43:02 | 000,000,904 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/15 05:41:33 | 000,913,968 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\Read This Before Posting.mht
[2011/09/15 05:27:41 | 000,000,442 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{939B4311-85DC-4067-807D-857ADBC3E39E}.job
[2011/09/12 22:00:33 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/09/12 19:28:36 | 000,000,810 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/09/09 09:43:45 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk
[2011/09/09 04:12:13 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2011/09/08 23:30:07 | 000,001,654 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2011/09/08 22:53:54 | 000,001,269 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2011/09/06 10:59:35 | 000,000,357 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\BIOS Launcher.lnk
[2011/09/05 02:07:53 | 000,286,112 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/09/05 02:04:22 | 002,339,003 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\dirty heatsink.jpg
[2011/09/05 02:00:33 | 000,446,358 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/09/05 02:00:33 | 000,073,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/09/01 14:19:22 | 000,000,406 | ---- | M] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/09/01 14:17:41 | 000,001,697 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Desktop\System Mechanic.lnk
[2011/09/01 14:13:31 | 000,074,703 | ---- | M] () -- C:\WINDOWS\System32\mfc45.dll
[2011/08/31 19:50:04 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/08/31 07:05:05 | 000,000,792 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/28 21:31:47 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk
[2011/08/28 21:31:46 | 000,001,854 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Safari.lnk
[2011/08/28 21:25:37 | 000,001,550 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/28 20:54:53 | 000,001,612 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk

========== Files Created - No Company Name ==========

[2011/09/15 05:41:21 | 000,913,968 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\Read This Before Posting.mht
[2011/09/12 22:00:33 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/09/12 22:00:31 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/09/12 21:42:57 | 2138,554,368 | -HS- | C] () -- C:\hiberfil.sys
[2011/09/12 21:17:08 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/09/12 21:17:08 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/09/12 21:17:08 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/09/12 21:17:08 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/09/12 21:17:08 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/09/08 23:30:07 | 000,001,654 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Vid HD.lnk
[2011/09/08 22:53:54 | 000,001,269 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Logitech Webcam Software .lnk
[2011/09/08 14:06:17 | 002,339,003 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\dirty heatsink.jpg
[2011/09/06 02:15:44 | 000,000,357 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\BIOS Launcher.lnk
[2011/09/05 01:29:36 | 000,178,996 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of hailey with grandparents 3.jpg
[2011/09/05 01:29:35 | 000,052,482 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents 3.jpg
[2011/09/05 01:29:35 | 000,050,539 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 5.jpg
[2011/09/05 01:29:35 | 000,046,819 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin.jpg
[2011/09/05 01:29:35 | 000,039,649 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents 2.jpg
[2011/09/05 01:29:35 | 000,037,614 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey with grandparents.jpg
[2011/09/05 01:29:34 | 000,108,821 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Halloween.jpg
[2011/09/05 01:29:34 | 000,053,469 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 4.jpg
[2011/09/05 01:29:34 | 000,051,878 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 3.jpg
[2011/09/05 01:29:34 | 000,051,795 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey swimmin 2.jpg
[2011/09/05 01:29:34 | 000,046,864 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 2.jpg
[2011/09/05 01:29:34 | 000,043,553 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 3.jpg
[2011/09/05 01:29:34 | 000,031,936 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca 5.jpg
[2011/09/05 01:29:34 | 000,030,279 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Christmas Vaca.jpg
[2011/09/05 01:29:33 | 000,597,303 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 006.jpg
[2011/09/05 01:29:33 | 000,136,160 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of hailey cake 3.jpg
[2011/09/05 01:29:33 | 000,038,394 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake 3.jpg
[2011/09/05 01:29:33 | 000,037,396 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake.jpg
[2011/09/05 01:29:33 | 000,036,259 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey cake 2.jpg
[2011/09/05 01:29:32 | 000,779,637 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 005.jpg
[2011/09/05 01:29:30 | 001,980,084 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 003.jpg
[2011/09/05 01:29:29 | 001,980,084 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey Adventures Take 1 001.jpg
[2011/09/05 01:29:29 | 000,131,204 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of Hailey & Mommy.jpg
[2011/09/05 01:29:28 | 000,201,111 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of family 5.jpg
[2011/09/05 01:29:28 | 000,124,789 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Hailey & Mommy.jpg
[2011/09/05 01:29:28 | 000,069,416 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family.jpg
[2011/09/05 01:29:28 | 000,063,337 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 5.jpg
[2011/09/05 01:29:28 | 000,052,341 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 4.jpg
[2011/09/05 01:29:28 | 000,044,180 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey & mommy 3.jpg
[2011/09/05 01:29:28 | 000,040,923 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\hailey & mommy 2.jpg
[2011/09/05 01:29:27 | 000,874,854 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of untitled.bmp
[2011/09/05 01:29:27 | 000,139,459 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of 34102_10150225229170607_610685606_13385285_6298219_n.jpg
[2011/09/05 01:29:27 | 000,121,878 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\dads wedding.bmp
[2011/09/05 01:29:27 | 000,070,903 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 3.jpg
[2011/09/05 01:29:27 | 000,067,579 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\family 2.jpg
[2011/09/05 01:29:27 | 000,052,524 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\dad & diane.jpg
[2011/09/05 01:29:27 | 000,048,933 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Dad and me.jpg
[2011/09/05 01:29:26 | 000,188,240 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Copy of 29893_10150204380060607_610685606_12767286_3877023_n.jpg
[2011/09/05 01:29:26 | 000,091,181 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\Avery.jpg
[2011/09/05 01:29:26 | 000,034,023 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\bros.jpg
[2011/09/05 01:29:26 | 000,027,119 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\545300523_1929641253_524859740_1278473927404.jpg
[2011/09/05 01:29:26 | 000,011,537 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\545300523_1929641253_524859740_1278473909919.jpg
[2011/09/05 01:29:26 | 000,011,187 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580429_1540246105_0.jpg
[2011/09/05 01:29:26 | 000,010,485 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580640_1540246932_0.jpg
[2011/09/05 01:29:26 | 000,009,391 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580842_1540247706_0.jpg
[2011/09/05 01:29:26 | 000,004,085 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442581530_1540250321_0.jpg
[2011/09/05 01:29:25 | 000,012,794 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579246_1540241732_0.jpg
[2011/09/05 01:29:25 | 000,011,548 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578495_1540238960_0.jpg
[2011/09/05 01:29:25 | 000,011,529 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579973_1540244431_0.jpg
[2011/09/05 01:29:25 | 000,010,374 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579720_1540243474_0.jpg
[2011/09/05 01:29:25 | 000,010,213 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578762_1540239957_0.jpg
[2011/09/05 01:29:25 | 000,010,077 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442578108_1540237550_0.jpg
[2011/09/05 01:29:25 | 000,009,219 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442580202_1540245268_0.jpg
[2011/09/05 01:29:25 | 000,008,915 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442579031_1540240910_0.jpg
[2011/09/05 01:29:25 | 000,008,870 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577866_1540236662_0.jpg
[2011/09/05 01:29:24 | 000,168,510 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\40978_105301456193883_100001420879024_46653_5434470_n.jpg
[2011/09/05 01:29:24 | 000,158,768 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\32461_121432367884053_100000518705474_224660_1149171_n.jpg
[2011/09/05 01:29:24 | 000,140,394 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\34102_10150225229165607_610685606_13385284_5035348_n.jpg
[2011/09/05 01:29:24 | 000,123,666 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\33496_105290586194970_100001420879024_46542_3440585_n.jpg
[2011/09/05 01:29:24 | 000,066,667 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\29893_10150204380060607_610685606_12767286_3877023_n.jpg
[2011/09/05 01:29:24 | 000,041,984 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\34102_10150225229170607_610685606_13385285_6298219_n.jpg
[2011/09/05 01:29:24 | 000,011,896 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577635_1540235854_0.jpg
[2011/09/05 01:29:24 | 000,009,970 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\My Documents\442577331_1540234752_0.jpg
[2011/09/01 14:19:22 | 000,000,406 | ---- | C] () -- C:\WINDOWS\System32\ioloBootDefrag.cfg
[2011/09/01 14:17:41 | 000,001,697 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Desktop\System Mechanic.lnk
[2011/09/01 14:13:31 | 000,074,703 | ---- | C] () -- C:\WINDOWS\System32\mfc45.dll
[2011/08/31 07:05:06 | 000,000,810 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Application Data\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk
[2011/08/31 07:05:05 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/08/28 21:25:37 | 000,001,550 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/08/28 20:54:52 | 000,001,612 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/05/02 12:14:45 | 000,001,302 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\2u1gy43u8px6b83kf3128b30xu2o810051k
[2011/04/18 19:09:28 | 000,013,906 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\4o8dd5y80jo00c4a2tdod0i741466er6s8n6h8pv7n
[2011/04/10 22:35:11 | 000,081,920 | RHS- | C] () -- C:\WINDOWS\System32\umloaderq.dll
[2011/01/07 19:55:30 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Kristina.Newman\Application Data\MyPhrases.dta
[2010/05/14 16:56:06 | 010,830,680 | ---- | C] () -- C:\WINDOWS\System32\LogiDPP.dll
[2010/05/14 16:56:06 | 000,102,744 | ---- | C] () -- C:\WINDOWS\System32\LogiDPPApp.exe
[2010/05/14 16:55:58 | 000,290,648 | ---- | C] () -- C:\WINDOWS\System32\DevManagerCore.dll
[2010/05/14 16:47:00 | 000,090,071 | ---- | C] () -- C:\WINDOWS\System32\lvcoinst.ini
[2010/05/07 18:46:36 | 000,014,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2010/05/07 18:43:30 | 000,025,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009/10/12 23:14:50 | 000,060,580 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/01/19 17:10:32 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\kmw_show.exe
[2008/08/26 13:45:33 | 000,164,906 | ---- | C] () -- C:\WINDOWS\hpoins21.dat
[2008/08/26 13:45:33 | 000,007,262 | ---- | C] () -- C:\WINDOWS\hpomdl21.dat
[2008/02/04 22:15:59 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2007/12/10 01:26:51 | 000,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP7311.INI
[2007/11/26 21:59:26 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\PAStiSvc.exe
[2007/10/30 20:49:47 | 000,000,118 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2006/11/14 18:49:11 | 000,000,020 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
[2006/09/26 21:33:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI
[2006/09/26 20:45:24 | 000,000,047 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005/12/22 18:34:34 | 000,030,208 | ---- | C] () -- C:\WINDOWS\System32\WNASPI32.DLL
[2005/12/22 18:34:34 | 000,000,291 | ---- | C] () -- C:\WINDOWS\msfsetup.ini
[2005/12/09 12:41:57 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/08/08 13:53:05 | 000,034,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\WOWXT_kern_i386.sys
[2005/08/08 13:53:05 | 000,029,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\TSXT_kern_i386.sys
[2005/08/08 13:47:49 | 000,000,012 | ---- | C] () -- C:\WINDOWS\dirsaver.ini
[2005/07/28 16:20:02 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/07/28 16:17:57 | 000,000,228 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/07/28 16:15:03 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/07/28 16:15:03 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/07/28 16:15:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/07/28 16:15:03 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/07/28 16:15:03 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/07/28 16:15:03 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/07/28 16:13:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2005/07/28 16:12:59 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\MousePage.dll
[2005/07/28 15:55:47 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2005/07/28 15:44:46 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2005/07/28 15:44:46 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2005/07/28 15:44:46 | 000,010,165 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2005/07/28 15:44:46 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2005/07/28 15:40:24 | 000,090,112 | ---- | C] () -- C:\WINDOWS\InstDrvr.exe
[2005/07/28 15:40:24 | 000,006,867 | ---- | C] () -- C:\WINDOWS\System32\drivers\tbiosdrv.sys
[2005/07/28 15:39:18 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TCtrlIO.dll
[2005/07/28 15:19:39 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/07/28 15:14:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2005/07/28 15:10:00 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2005/07/28 15:08:47 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005/07/28 13:50:53 | 000,000,341 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/07/28 13:48:07 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/07/28 13:48:02 | 000,446,358 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2005/07/28 13:48:02 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2005/07/28 13:48:02 | 000,073,398 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2005/07/28 13:48:02 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2005/07/28 13:48:00 | 000,004,631 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2005/07/28 13:47:58 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/07/28 13:47:56 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/28 13:47:49 | 000,099,840 | ---- | C] () -- C:\WINDOWS\System32\mprmsg.dll
[2005/07/28 13:47:48 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2005/07/28 13:47:47 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2005/07/28 13:47:44 | 003,329,630 | ---- | C] () -- C:\WINDOWS\System32\sndlan.exe
[2005/07/28 13:47:44 | 001,833,452 | ---- | C] () -- C:\WINDOWS\System32\mfcftp.dll
[2005/07/28 13:47:44 | 000,931,586 | ---- | C] () -- C:\WINDOWS\System32\comdev.dll
[2005/07/28 13:47:44 | 000,379,443 | ---- | C] () -- C:\WINDOWS\System32\usbman.dll
[2005/07/28 13:47:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2005/07/28 13:47:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2005/07/28 08:04:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2005/07/28 08:03:39 | 000,286,112 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2005/06/30 15:15:40 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/12/02 17:20:12 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/09/22 12:09:06 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2004/08/12 11:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/07/20 19:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 16:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2004/01/13 20:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/07/29 17:33:26 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\TosHidAPI.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >

< %PROGRAMFILES%\Common Files\*.* >

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2011/09/12 20:43:05 | 000,125,912 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2011/09/12 20:42:57 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
[2011/09/12 20:42:54 | 000,269,272 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/04/10 22:35:11 | 000,081,920 | RHS- | M] () Unable to obtain MD5 -- C:\WINDOWS\system32\umloaderq.dll

< %systemroot%\Tasks\*.job /lockedfiles >
[2011/09/15 06:07:19 | 000,000,324 | -HS- | M] () Unable to obtain MD5 -- C:\WINDOWS\Tasks\Buqvlyk.job

< %systemroot%\system32\drivers\*.* /lockedfiles >

< %PROGRAMFILES%\*. >
[2010/02/04 22:28:39 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/04/30 12:48:15 | 000,000,000 | ---D | M] -- C:\Program Files\America Online 9.0
[2005/07/28 15:43:11 | 000,000,000 | ---D | M] -- C:\Program Files\Analog Devices
[2011/07/22 10:38:55 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2006/11/14 18:42:31 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2011/08/28 21:03:02 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2011/09/08 22:55:11 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2008/03/21 18:39:32 | 000,000,000 | ---D | M] -- C:\Program Files\Conduit
[2011/05/11 21:31:36 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2005/07/28 16:10:24 | 000,000,000 | ---D | M] -- C:\Program Files\DataLode
[2005/07/28 15:56:17 | 000,000,000 | ---D | M] -- C:\Program Files\DVD-RAM
[2009/09/16 16:02:15 | 000,000,000 | ---D | M] -- C:\Program Files\FilmLoop Player
[2008/07/08 21:47:45 | 000,000,000 | ---D | M] -- C:\Program Files\FinePixViewer
[2010/03/05 22:01:38 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2008/08/26 13:51:17 | 000,000,000 | ---D | M] -- C:\Program Files\HP
[2008/08/29 20:43:10 | 000,000,000 | ---D | M] -- C:\Program Files\iLinc
[2005/07/28 16:24:26 | 000,000,000 | ---D | M] -- C:\Program Files\illiminable
[2010/12/18 23:26:41 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/12/09 12:51:47 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2006/09/26 20:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\InterActual
[2011/09/05 01:28:11 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2005/12/09 12:38:14 | 000,000,000 | ---D | M] -- C:\Program Files\InterVideo
[2011/09/01 14:17:11 | 000,000,000 | ---D | M] -- C:\Program Files\iolo
[2011/08/28 21:21:42 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2006/11/14 19:32:49 | 000,000,000 | ---D | M] -- C:\Program Files\IrfanView
[2011/08/28 21:25:17 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/01/17 23:32:45 | 000,000,000 | ---D | M] -- C:\Program Files\iWonEI
[2011/05/11 21:50:08 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2009/01/19 17:10:27 | 000,000,000 | ---D | M] -- C:\Program Files\Kensington
[2010/12/18 23:26:42 | 000,000,000 | ---D | M] -- C:\Program Files\Kodak
[2005/07/28 16:21:44 | 000,000,000 | ---D | M] -- C:\Program Files\Learn2.com
[2011/09/09 08:20:58 | 000,000,000 | ---D | M] -- C:\Program Files\Logitech
[2005/07/28 15:44:46 | 000,000,000 | ---D | M] -- C:\Program Files\ltmoh
[2011/09/12 20:57:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/02/19 01:50:40 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee
[2011/02/19 01:49:27 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee.com
[2010/08/22 21:10:14 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2005/07/28 15:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2011/09/06 10:59:06 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2008/09/02 18:01:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/11/09 04:11:43 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2008/09/02 18:00:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2010/08/24 03:02:36 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2011/09/12 20:43:45 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/04/23 18:24:42 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2007/10/26 18:26:44 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2005/07/28 15:08:53 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2008/11/29 12:52:26 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2009/04/23 18:19:08 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 6.0
[2010/06/07 19:32:35 | 000,000,000 | ---D | M] -- C:\Program Files\NCH Swift Sound
[2010/08/22 11:58:17 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2006/11/14 18:43:42 | 000,000,000 | ---D | M] -- C:\Program Files\Nikon
[2009/09/16 16:04:25 | 000,000,000 | ---D | M] -- C:\Program Files\Notebook Maximizer
[2005/07/28 15:10:35 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/12/16 04:02:01 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2006/11/14 18:45:01 | 000,000,000 | ---D | M] -- C:\Program Files\PictureProject In Touch Downloader
[2011/02/04 22:19:44 | 000,000,000 | ---D | M] -- C:\Program Files\PopCap Games
[2009/10/09 03:08:40 | 000,000,000 | ---D | M] -- C:\Program Files\Pure Networks
[2009/09/16 16:11:55 | 000,000,000 | ---D | M] -- C:\Program Files\Quicken
[2011/08/28 20:55:47 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2009/04/23 18:24:28 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2005/12/22 18:29:46 | 000,000,000 | ---D | M] -- C:\Program Files\REGSHAVE
[2011/08/28 21:32:05 | 000,000,000 | ---D | M] -- C:\Program Files\Safari
[2011/08/31 20:27:43 | 000,000,000 | ---D | M] -- C:\Program Files\SelectRebates
[2008/07/09 17:11:42 | 000,000,000 | ---D | M] -- C:\Program Files\Siber Systems
[2005/12/09 12:41:14 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2009/05/24 10:08:38 | 000,000,000 | ---D | M] -- C:\Program Files\SweetIM
[2005/07/28 15:46:10 | 000,000,000 | ---D | M] -- C:\Program Files\Synaptics
[2005/12/13 15:39:57 | 000,000,000 | ---D | M] -- C:\Program Files\TOSHIBA
[2006/11/06 22:40:43 | 000,000,000 | ---D | M] -- C:\Program Files\TryMedia
[2007/12/10 01:26:53 | 000,000,000 | ---D | M] -- C:\Program Files\VGA USB Camera
[2005/07/28 16:21:43 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2009/04/30 20:54:09 | 000,000,000 | ---D | M] -- C:\Program Files\VZWDownloadManager
[2010/06/05 18:26:14 | 000,000,000 | ---D | M] -- C:\Program Files\Western Digital
[2010/08/22 11:58:13 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2010/08/22 11:58:12 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/07/28 15:12:13 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
[2010/12/18 14:16:34 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!


< MD5 for: AGP440.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:AGP440.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

< MD5 for: ATAPI.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:atapi.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004/08/04 00:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
[2004/08/04 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0004\DriverFiles\i386\atapi.sys

< MD5 for: DISK.SYS >
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:disk.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:disk.sys
[2004/08/04 07:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\I386\sp2.cab:disk.sys
[2010/08/22 11:48:17 | 023,852,652 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:disk.sys
[2004/08/04 07:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=00CA44E4534865F8A3B64F7C0984BFF0 -- C:\WINDOWS\$NtServicePackUninstall$\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\ServicePackFiles\i386\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\dllcache\disk.sys
[2008/04/13 13:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) MD5=044452051F3E02E7963599FC8F4F3E25 -- C:\WINDOWS\system32\drivers\disk.sys

< MD5 for: NETLOGON.DLL >
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 19:12:01 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
[2009/02/06 13:46:09 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=6C476D33D82F1054849790181E8F7772 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2004/08/04 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-09-15 10:47:01

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/02/07 15:04:30 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ReinstallCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -rb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\HideIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -hb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\InstallInfo\\ShowIconsCommand: C:\PROGRA~1\AMERIC~1.0\accdef.exe -sb [2005/02/07 15:04:30 | 000,016,496 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\aol.exe\shell\open\command\\: C:\PROGRA~1\AMERIC~1.0\aol.exe [2005/02/07 15:04:30 | 000,038,000 | ---- | M] (America Online, Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2011/09/12 20:42:55 | 000,713,016 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2011/09/12 20:43:03 | 000,924,632 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\WINDOWS\system32\ie4uinit.exe" -reinstall [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -hide [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\WINDOWS\system32\ie4uinit.exe" -show [2011/06/23 07:05:37 | 000,173,568 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2009/03/08 14:09:26 | 000,638,816 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: iexplore.exe
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Safari\Safari.exe" /reinstall [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Safari\Safari.exe" /hideicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Safari\Safari.exe" /showicons [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Safari.exe\shell\open\command\\: "C:\Program Files\Safari\Safari.exe" [2011/07/05 20:04:50 | 002,388,848 | ---- | M] (Apple Inc.)

< End of report >



aswmbr 1st log:

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-02 12:27:01
-----------------------------
12:27:01.031 OS Version: Windows 5.1.2600 Service Pack 3
12:27:01.031 Number of processors: 1 586 0xD08
12:27:01.031 ComputerName: MSKMNEWMAN UserName:
12:27:01.602 Initialze error C000010E - driver not loaded
12:27:01.692 write error "aswCmnB.dll". The process cannot access the file because it is being used by another process.
12:27:37.012 Service scanning
12:27:43.151 Modules scanning
12:27:43.161 Disk 0 trace - called modules:
12:27:43.171
12:27:43.181 Scan finished successfully
12:28:33.934 The log file has been saved successfully to "C:\Documents and Settings\Kristina.Newman\Desktop\aswMBR02oct11kris.txt"

ps- then i tried to run gmer,but after the main screen opened up, the hourglass just kept turning round and round and i wasn't able to run it.

Hi,


Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
Link 3

When saving ComboFix rename it to Belahzur.exe to prevent it from being blocked by malware.


Refer to this image:

To prevent your anti-virus application interfering with ComboFix we need to disable it. See here for a tutorial regarding how to do so if you are unsure.

• Close any open windows and double click Belahzur.exe to run it.
  
  You will see the following image:
  

Click I Agree to start the program.

ComboFix will then extract the necessary files and you will see this:



As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. This will not occur in Windows Vista and 7

It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

If you did not have it installed, you will see the prompt below. Choose YES.



Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:



Click on Yes, to continue scanning for malware.

When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).

Leave your computer alone while ComboFix is running. ComboFix will restart your computer if malware is found; allow it to do so.

Note: Please Do NOT mouseclick combofix's window while its running because it may call it to stall.

hi, before i try the above, can i do it from hirens boot cd, boot from harddrive, safe mode with networking? also, i inplugged the internet connection, is that ok?

Yeah that's okay, use Safe Mode if needed.

ok, i'm booting with hirens bootcd, boot from harddrive, safe mode with networking...then i copy the combofix to the desktop via my thumbdrive, and run..the weird thing is that after copying the file to the desktop, the computer just sat there with the hourglass was going up and down again....i pulled out the thumbdrive, and immediately combofix started running...it took quite a while with the screen saying "attempting to create a restore point"..but it's finally finieshed with that and now starting with "scanning for infected files"...i imagine this will take a while..but will post as soon as it finishes...thanks!

btw, if it just sits there, how long should i wait until figuring that it isn't working? 1 hour?

it's been 55 mintues, and nothing is happening...cursor is blinking underneath "scanning for infected files...this typically doesn't take more than 10 minutes. howeer, scan times for badly infected machines may easily double

Okay if it seems like it's hung, restart the process and try it again.

ok, tried again, starting at 5:50pm...20 minutes later, no progress...is there something else I can try?